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Abstract 
Introduction 



PXE technology 
overview 



How PXE works 



The purpose of this document is to explain the prerequisites and methods for 
implementing Pre-Boot Execution Environment (PXE)^ in a network environment. 

The HP ProLiant Essentials Rapid Deployment Pack was developed to automate repetitive 
tasks such as configuring and deploying servers. The Rapid Deployment Pack combines 
two powerful products: the Altiris eXpress Deployment Solution and the ProLiant 
Integration Module. The Altiris eXpress Deployment Solution utilizes PXE (pronounced 
"pixie") technology to provide complete hands off deployment of servers using a network 
boot process. 

This paper provides an overview of PXE technology, describes the components in the 
Altiris eXpress Deployment Solution, and describes scenarios for implementing PXE. This 
paper assumes that readers have a basic understanding of networking terminology. 

PXE provides a common set of pre-boot services that allow one or more PXE-enabled 
clients (PXE clients) on a heterogeneous network to acquire an IP address from a 
Dynamic Host Configuration Protocol (DHCP)^ server and then download a boot image 
from a PXE boot server. 

DHCP is an extension of the bootstrap protocol BOOTP. The DHCP server maintains a 
scope (a pool of IP addresses) for each subnet and dynamically assigns an IP address to 
each PXE client based on the subnet in which it boots. The PXE boot server maintains a 
set of boot images, also known as network bootstrap program (NBP) images. The PXE 
client uses the Trivial File Transfer Protocol (TFTP)'^ to download the boot image from the 
PXE server and then it executes that image, much like booting from a diskette. 

The boot image usually uses the Universal Network Device Interface (UNDI) provided by 
the resident PXE client firmware to access the network. UNDI allows one boot image to 
work with a variety of different PXE-capable NICs because the specifics for each NIC 
are handled by the PXE client firmware. 

Note: A driver that uses UNDI (UNDI Driver) is strongly recommended in the boot 
image. It is possible to use a NIC-specific NDIS2 driver instead of the UNDI driver; 
however, its use will cause the boot image to only work on computers whose NIC is 
supported by that driver. 

Newer ProLiant servers have PXE support in their embedded NICs, while older servers 
support PXE through the addition of a stand-up NIC. Refer to the HP ProLiant Essentials 
Rapid Deployment Pack Support Matrix at www.hp.com for full details. 

PXE can be implemented in an enterprise environment in three basic scenarios. These 
scenarios are based on the physical locations of the DHCP service, the PXE boot service, 
and the PXE clients as follows: 

• The DHCP and PXE (boot) services are provided by different servers and are on the 
same subnet as the PXE client. 

• The DHCP and PXE (boot) services are provided by a single server and are on the 
same subnet as the PXE client. 

• The DHCP and PXE (boot) services are provided on a different subnet than the PXE 
clients. 

Note: The terms "service" and "server" are used interchangeably depending on whether 
DHCP and PXE are located on the same server or on different servers, respectively. 



^ PXE is a component of the Intel Wired for Management (WfM) specification. 
2 DHCP is defined by RFC 1 531 , 21 31 . 

^ Trivial File Transfer Protocol (TFTP, Revision 2) to support NBP download is specified by IETF RFC 1 350. 
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The first scenario is a typical environment where the DHCP service and PXE boot service 
are provided by different servers and are on the same subnet as the PXE clients 
(Figure 1). 

Figure 1 . DHCP and PXE boot services provided by different servers on the same subnet as the PXE 
clients 
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Figure 2 illustrates the PXE client's transactions v/ith the DHCP and PXE boot servers 
during the netv/ork boot process. First, the PXE client broadcasts a DHCP Discover 
message to locate a DHCP server (1 ). The DHCP server responds by sending the client a 
DHCP Offer containing an IP address from its scope (2). The client sends a DHCP 
Request back to the DHCP server to accept the IP address that v/as offered (3). The 
DHCP server sends a DHCP Acknowledgement to acknowledge the client's DHCP 
Request (4). 

After the client has an IP address, it sends out a Boot Service Discover to locate a PXE 
boot server (5). The PXE boot server sends the client its IP address and the name of a 
network bootstrap program (NBP) image to download (6). The PXE client downloads 
and executes the boot image using TFTP (7). 

Note: For server deployment, the PXE client is usually assigned a static IP address later in 
the deployment process. 

Figure 2. PXE boot process 
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The second scenario is a simple environment where the DHCP service and PXE boot 
service are provided by a single server and are on the same subnet as the PXE clients 
(Figure 3). This scenario is typical of labs, isolated netv/orks or loading areas. 

Figure 3. DHCP and PXE boot services provided by a single server and are on the same subnet as 
the PXE clients. 
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Figure 4 illustrates the PXE client's transactions v/ith the DHCP and PXE boot services 
during the netv/ork boot process v/hen the PXE boot service and DHCP service are 
located on the same server. This situation is knov/n as Boot Information Negotiation 
Layer (BINL) proxy mode. First, the PXE client broadcasts a DHCP Discover message to 
locate a DHCP service (1 ). The DHCP service responds by sending the client a DHCP 
Offer containing an IP address from its scope and the name of the PXE boot service, 
which is on the same server (2). The DHCP service accomplishes this by having DHCP 
option 60 "PXE client" present in its scope to notify the client to make a BINL request to 
the same server to retrieve boot information. The client sends a DHCP Request back to 
the DHCP service to accept the IP address that was offered (3). The DHCP service sends 
a DHCP Acknowledgement containing the client's IP address, PXE service IP address, 
and the name of the boot image to download (4). The PXE client downloads and 
executes the boot image using TFTP (5). 

Figure 4. PXE boot process in BINL proxy mode 
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The third scenario is an enterprise environment v/here the DHCP and PXE boot services 
are provided on a different subnet than the PXE clients. 

When a PXE client attempts a network boot, it broadcasts a DHCP Discover message to 
search for a DHCP service. Hov/ever, sv/itches are intended to constrain broadcast 
traffic to certain subnets so, by default, they do not forv/ard these DHCP messages. 

To forv/ard DHCP requests and responses betv/een the PXE client and a DHCP service on 
another subnet, customers must use a "DHCP relay agent." A computer (Proxy DHCP 
server), or a sv/itch (configured to forv/ard requests and responses) can act as a DHCP 
relay agent. The installation of DHCP relay agents allows the use of one centralized 
DHCP service for a large network. 

Figure 5 illustrates how a Proxy DHCP server can be used to forward requests and 
responses between the PXE clients and the DHCP and PXE boot services. A Proxy DHCP 
server is required in each subnet. If the DHCP and PXE boot services are running on 
different servers, then the Proxy DHCP server must be configured to forward all requests 
to both servers. 

Proxy DHCP server software can be obtained for both Windows and Linux. For 
Windows, Microsoft provides the Microsoft DHCP Relay Agent. For Linux, the Internet 
Software Consortium provides the Internet Software Consortium DHCP Relay Agent. 



Figure 5. Representation of DHCP and PXE boot services provided on a different subnet than the 
PXE clients and using a Proxy DHCP Server for forwarding messages. 
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Figure 6 illustrates the use of a switch to forward requests and responses between the 
PXE clients and the DHCP and PXE boot services. The switch must be configured to 
forward messages to the IP address of the DHCP server. For Cisco switches, this is 
accomplished by using the "IP-helper address" command. If the DHCP and PXE boot 
services are running on different servers, the switch must be configured to forward all 
requests to both of them. This option is preferred because no additional software needs 
to be running in each subnet. 



Figure 6. Representation of DHCP and PXE boot services provided on a different subnet than the 
PXE clients and using a switch for forwarding messages. 
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The Altiris eXpress Deployment Solution server and client software components are 
described below. 



The Altiris eXpress Deployment Solution server components include the following 

software: 

Deployment Server 

Deployment Server Database (Microsoft SQL or MSDE) 
Deployment Server Console 
Deployment Server Client Access Point 
Altiris eXpress PXE Server 

The Deployment Server controls the flow of the work and information between the 
managed servers and the other management components. The managed servers connect 
and communicate with the Deployment Server to register their information. This 
information is stored in the Deployment Server Database. 

The Deployment Server Database maintains all of the information about the managed 
servers such as hardware information, serial numbers, computer names, MAC and 
TCP/IP addresses, deployment history, and device and service information. The 
Database can be Microsoft SQL Server 7 (or higher) or Microsoft Data Engine (MSDE). 

The Deployment Server Console is a drag and drop graphical user interface (GUI) 
application that provides the main point of control over all of the other components. The 
Console application is used to manage the deployment process, including creating tasks 
and jobs, assigning jobs to computers, and scheduling jobs. The Console application 
can exist on its own server. 

The Client Access Point is a file share where the Deployment Server program files are 
installed and the image files, script files, and other deployment packages are stored. 
This server must have enough disk space to hold all of the images that will be deployed. 

The Altiris eXpress PXE Server provides PXE clients with a boot image. Altiris uses 
Windows 9x DOS as the basis for its images. There are two boot images: 

• The "New Computer" image is given to a PXE client that is not listed in the Altiris 
Deployment Solution Database. This image runs the BootWorks program to discover 
information about the client, and places that information into the Database. The 
client is displayed in the New Computers group of the Deployment Server Console 
and, by default, waits for an operator to initiate deployment. 

• The "Managed Computer" image is used for a PXE client that is listed in the 
Database and has been assigned a task to perform, or has a pending operation that 
requires booting to DOS. 

By default, the Altiris eXpress PXE server uses Multicast TFTP (MTFTP) to send a PXE boot 
image to multiple clients at the same time. Multicasting is different from broadcasting. 
Multicasting refers to sending a message to a select group of clients whereas 
broadcasting refers to sending a message to every client connected to a network. 
Multicasting allows IP data to be sent to a virtual group of clients using a single IP 
destination address. Some network environments do not support multicasting. For 
example, many switches are configured to not allow multicast packets. In this case, PXE 
must be configured to use TFTP to send the boot image to each PXE client individually. 
Note: Multicasting PXE boot images only saves network bandwidth when booting many 
PXE clients simultaneously. 
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Client components 



Installation 



The eXpress Deployment Solution has three client programs: the Deployment Agent for 
Windows, the Deployment Agent for Linux, and the Deployment Agent for DOS (formerly 
known as BootWorks). The Deployment Agents for Windows and Linux enable servers to 
be managed by the Deployment Server. The Deployment Agent for DOS allows DOS- 
based scripting and applications, such as disk imaging, to be performed on a server. 

For a simple deployment infrastructure, the Deployment Server, Deployment Server 
Database, Deployment Server Console, Deployment Server Client Access Point, and 
Altiris eXpress PXE server can be installed on the same server as the DHCP service 
(Figure 7). When installing the Altiris PXE server on the same machine as the Microsoft 
DHCP service, Altiris will automatically configure the Option 60 setting in the DHCP 
options, as this setting is required when PXE and DHCP reside on the same server. 

Note: A simple install may also be used when the DHCP service is running on a different 
server. 

Figure 7. Altiris eXpress Deployment Solution simple install 
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Figure 8. Custom install of Altiris eXpress Deployment Solution 
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Network design 
examples 



Simple networks 



This section examines methods to implement Rapid Deployment Pack v/ith PXE in various 
enterprise network environments. The follov/ing examples are considered: 

• Simple netv/orks 

• Enterprise netv/orks 

• Virtual LAN-based netv/orks (VLANs) 

• Geographically dispersed netv/orks (WANs) 

Figure 9 illustrates hov/ to incorporate the Rapid Deployment Pack into a simple, isolated 
netv/ork environment such as a lab, test bed, or loading area. To manage the PXE clients 
on the network, a single Deployment Server is added that contains the DHCP service and 
the Altiris eXpress Deployment Solution server components. 

Figure 9. Simple network 
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Enterprise networks This example illustrates how to incorporate the Rapid Deployment Pack into a network 

with multiple subnets. To manage the PXE clients on the entire network, a centralized 
DHCP server and a centralized Deployment Server are added to one of the subnets. A 
DHCP relay agent is added in each of the other subnets. This configuration has the 
benefit of eliminating the need for DHCP and PXE boot services on each subnet and 
reducing the labor required to set up and maintain multiple PXE servers. Figure 10 
illustrates an enterprise network where each switch in the network is configured as DHCP 
relay agent. 



Figure 10. Enterprise network with a centralized DHCP server, a centralized Deployment Server, 
and a switch for forwarding messages 
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Figure 1 1 illustrates an enterprise network where a Proxy DHCP server is installed in each 
subnet. 

Figure 11. Enterprise network with a centralized DHCP server, a centralized Deployment Server, 
and a Proxy DHCP server for forwarding messages 
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Virtual LANs Figure 1 2 illustrates hov/ to incorporate the Rapid Deployment Pack into a Virtual LAN 

(VLAN) network. The configuration of the deployment server in this example is very 
similar to the previous example. The difference is that the DHCP server and Deployment 
Server are placed into a "deployment" VLAN. When a PXE client needs to be deployed, 
it is placed into the deployment VLAN. Upon completion of the deployment operation, the 
PXE client is placed back into the appropriate "production" VLAN. 

This process requires no special configuration of the Rapid Deployment Pack softv/are. 
The benefit of a deployment VLAN is that it isolates all DHCP, PXE, and deployment 
traffic from the production netv/ork. 

Note that DHCP Relay agents are not required because all DHCP messages are 
broadcast across the deployment VLAN. If desired, the DHCP service can also be 
installed on the Deployment Server to further simplify the configuration. 

Figure 1 2. Deployment VLAN 
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WANs Figure 1 3 illustrates how to incorporate the Rapid Deployment Pack into a geographically 

dispersed network. To manage the PXE clients across all sites, a centralized Deployment 
Server is added at a main site and a DHCP server, PXE boot server, and file share are 
added at each remote site. The benefits of this configuration are that it significantly 
reduces the network traffic across the WAN links, centralizes control of the deployment 
process, and provides a high level of scalability. 

Figure 13. WAN with centralized Deployment Server and distributed DHCP server, PXE server, and 
file share 
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The steps to create this configuration are as follows: 

1 . At the main site, install a DHCP server and a Deployment Server. 

2. At each remote site, install a DHCP server, the Altiris PXE server, and a Windows file 
share. The Windows file share should be shared as "eXpress" and the permissions 
should be set for "Everyone" with Full Control. 

3. At the main site and each remote site, recreate the two default PXE boot images in 
order to add an additional file mapping. For the main site, map "G:" to the same 
location as "F:". For each remote site, map "G:" to the local file share. This is done on 
the Network Drive Mappings page of the Altiris Boot Disk Creator wizard. 

4. At the main site, in the Altiris Configuration Utility, on the Drive Mapping tab, create 
an additional drive mapping. Map "G:" to the same location as "F:". 

5. At the main site, in the Deployment Server Console, modify the jobs to use the local 
file share. 

a. For the supplied scripted install jobs, in the tasks and associated batch files, 
replace all references to "F:" with "G:". 

b. For the supplied image capture and deployment jobs, in the Create and Deploy 
Image tasks, check the "Local image store" option and then browse to the desired 
image file on "G:". 

Note: Upgrading to a new version of the Rapid Deployment Pack will overwrite the batch 
files and possibly the jobs. Be sure to back up your files before upgrading. 
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6. From the main site, copy the ".\images" and ".\deploy" directories from the 
Deployment Server Client Access Point to each remote site's file share. 

7. Be sure to keep the remote file shares in sync with the main site. 



Troubleshooting 



For troubleshooting information, please refer to the HP ProLiant Essentials Rapid 
Deployment Pack User Guide. 
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PXE is an industry-standard netv/ork protocol designed to simplify systems management. It 
provides automated netv/ork boot capability from system and NIC option ROMs in the 
server. This automated network boot allows systems to be deployed and updated from a 
centralized Rapid Deployment Pack installation. 

Although the Rapid Deployment Pack does not require the use of PXE technology, PXE 
offers tangible benefits by providing a highly stable and reliable environment in which to 
boot an automated server deployment process. These benefits include a more efficient 
use of IT resources, improved system stability, decreased server recovery time, and the 
ability to redefine the function of the servers at a moment's notice. 

Visit the HP Windows 2000 website at www.hp.com/ partners/ microsoft/ for the latest 
information about HP products, options, customer support, and documentation regarding 
Microsoft Windows 2000 products. 

To help us better understand and meet your needs for ISS technology information, please 
evaluate this paper by completing the short survey at 

http://www.zoomerana.com/survey.zai?RLMHCG99TGCNQM3Q19P5RY9B . 

Note: This URL will be active through 31 August 2003. Please send questions and further 
comments about this paper to: TechCom@hp.com . 



© Copyright 2000, 2003 Hewlett-Packard Development Company, L.P. 
The information in this document is subject to change without notice. 

Microsoft and Windows are registered trademarks of Microsoft Corporation. 



06/2003 

Document Number TC03061 STB 



13 



